Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Setting up a counter in XSOAR

Hello,

So we have a playbook that is meant to send alerts via email in strikes. In each strike there is a link to a survey that has only YES/NO answers and based on the answers given be the recipients of those emails we want the playbook to follow a

...

How to dynamic list in email template?

Hello,

 

I want to get a list data of unknown lenght into html body(list).
But I don't know how to do this.
For example, I am pulling a data. in one of them, data1 and data2 come. in the next one, data1, data2 and data3 come. how can I print them dynam

...

Resolved! Dashboard Widget

Hi , 
I have a Button that creates a note in the qradar , is there a way to mark this note as note so it will be showed in the layout in the note section.
Also I can get as a solution not to mark as note but to just to show the result in the layout.

Demisto Service Failed

Hi Everyone ,

 

We are running XSOAR instance with NFR license. 

 

Recently for unknown reasons, the demisto service stopped and is never coming up when we try to start. 

 

 

 

[root@localhost ~]# systemctl status demisto.service
● demisto.service -

...

Pavendhan_K_0-1684316963694.png

Resolved! Custom Automation issue

Hi , 
I created a custom automation in python and in one point I need to retrieve a value from the incident the automation was running on.
For example , in a playbook there is an automation set to status=[ERROR,SUCCESS,ERROR,ERROR] and after that there

...

Extract some fields from csv file

Hi,

 

I have exported a output of splunk query in csv format using exporttocsv automation in a playbook. Now I wanted to use a column of this csv output to be a input for other task. Any one can please suggest if this is possible.

Himangi by L2 Linker
  • 963 Views
  • 1 replies
  • 0 Likes

Resolved! AWS - IAM Identity Center Integration

Hi All,

 

Thank you in advance.

 

I am facing an issue currently in integrating the AWS - IAM Identity Center Community Contribution. I am not able to find the relevant information for the integration such as Role Session Name, and Role Session durat

...

Netskope API v2 error in XSOAR

XSOAR does not parse properly the ids from Netskope. It changes the last two digits with zeros. These errors are in the official XSOAR documentation. Example:

"incident_id": 1478029261577663500

"app_session_id": 4359394467077842400

"browser_session_i

...

SanDev by L2 Linker
  • 1087 Views
  • 2 replies
  • 0 Likes

Auto Incidnet closure

Dear Community,

 

I'm looking for a way to daily automatically close all incidents with specific criteria.

 

I'm trying to archive that using jobs , I'm trying to create a playbook the query incidents (with specific criteria) and whatever the query o

...

  • 1208 Posts
  • 42 Subscriptions
Top Solution Authors
Top Liked Authors